In database version 12c Package URL_HTTP is used to invoke REST APIs to connect to Oracle GoldenGate Microservices on host01.
You must grant the connect and resolve privileges for host01 to user GGADMIN.
Which procedure of package DBMS_NETWORK_ACL_ADMIN must you use to do this?
Which module of the Oracle Data Masking and Subsetting pack simplifies sensitive data discovery by providing automated discovery procedures and sensitive column types?
AIntegrated Masking and Subsetting
BEnterprise Manager Command Line Interface
CData Masking Transformations
DApplication Data Model
EData Subsetting
You perform sensitive data discovery using the Data Masking and Subsetting feature of Enterprise Manager.
Which two statements are true? (Choose two.)
ACustom sensitive column types can be specified using regular expressions.
BAny column can be manually set to sensitive.
CAll possible sensitive columns are detected.
DThe discovery report only includes selected tables from the application data model.
EThe discovery process overrides any previously identified sensitive columns.
Which three are valid settings to implement Listener Valid Node Checking for Registration (VNCR)? (Choose three.)
Examine this statement executed in a SQL*Plus session:
ALTER SESSION SET EVENTS 'clientid_overwrite';
Which statement is true?
AA value set by DBMS_APPLICATION_INFO.SET_CLIENT_INFO will be copied to V$SESSION.CLIENT_IDENTIFIER.
BA value set by DBMS_SESSION.SET_IDENTIFIER will be copied to V$SESSION.CLIENT_INFO.
CValue set by DBMS_APPLICATION_INFO.SET_CLIENT_INFO will be ignored.
DA value set by DBMS_SESSION.SET_IDENTIFIER will be ignored.
Question 6
Database Vault and Access Control
0
Question 7
Network Security
Question 8
Oracle Database Security Architecture
Question 9
Oracle Database Security Architecture
Question 10
Data Redaction and Masking
Question 11
Data Encryption and Key Management
Question 12
Oracle Database Security Architecture
Question 13
Oracle Database Security Architecture
Question 14
Network Security
Question 15
Database Vault and Access Control
Question 16
Data Encryption and Key Management
Question 17
Database Vault and Access Control
Question 18
Oracle Database Security Architecture
Question 19
Oracle Database Security Architecture
Question 20
Database Security Assessment and Monitoring
Question 21
Database Vault and Access Control
Question 22
Data Redaction and Masking
Question 23
Auditing and Compliance
Question 24
Database Vault and Access Control
Question 25
Database Vault and Access Control
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ad
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
You have implemented Oracle Database Vault. Now DBAs report that they can no longer create users.
What expected behavior implemented by Database Vault has caused this?
Aenforced separation of duties by revoking the CREATE USER privilege from all users
Benforced separation of duties by revoking the CREATE USER privilege from the role DV_ACCTMGR
Cenforced separation of job roles by dropping the role DBA
Denforced separation of duties by only revoking the CREATE USER privilege from the DBA role
Eenforced separation of duties by revoking the CREATE USER privilege from all roles
You connect to the database instance over a network to change the password of user SCOTT.
Which two methods avoid the new password for user SCOTT from being compromised by network sniffing? (Choose two.)
AUse ALTER USER SCOTT IDENTIFIED BY VALUES '<value>'.
BUse ALTER USER SCOTT IDENTIFIED BY <password>.
CSet the server side sqlnet.ora parameter SQLNET.ENCRYPTION_SERVER=REQUESTED.
DSet the server side sqlnet.ora parameter SQLNET.CRYPTO_CHECKSUM_SERVER=REQUESTED.
EUse ALTER USER SCOTT PASSWORD EXPIRE.
FUse the SQL*Plus command PASSWORD SCOTT.
Which command avoids displaying the password on the command line or spooling it to a spool file?
ASET ECHO OFF -ACCEPT password CHAR PROMPT 'Enter password: 'CONNECT jane/&password
You are moving to a Bare Metal Instance on the Oracle Cloud.
Which two define how instance isolation is managed? (Choose two.)
AStorage data is never accessible by another tenant.
BStorage is written to block.
CStorage is fully encrypted.
DThe hypervisor separates instances from each other by default.
EMachine, CPU, Memory, and network are dedicated to the tenant.
You want to create a test database which must contain a subset of production data and also must not contain real values.
You have to decide to use either Datapump export/import or Recovery Manager (RMAN) to make a copy of the database.
Which statement is true about creating a copy of the database given this requirement?
ADatapump can apply the masking but not the subsetting in one operation.
BRMAN can apply the masking and subsetting in one operation.
CRMAN can apply the masking but not the subsetting in one operation.
DDatapump can apply the masking and subsetting in one operation.
Examine these commands:
Which statement is true about newly recorded values in DBA_WALLET_ACLS?
ADBA_WALLET_ACLS contains three new records.
BDBA_WALLET_ACLS contains four new records.
CDBA_WALLET_ACLS contains one new record.
DDBA_WALLET_ACLS contains two new records.
Identify two situations either one of which makes use of password files. (Choose two.)
Awhen SQLNET.AUTHENTICATION_SERVICES= (NONE)
Bwhen remotely connecting via secure connections using a wallet
Cwhen SQLNET.AUTHENTICATION_SERVICES=(NTS)
Dwhen SQLNET.AUTHENTICATION_SERVICES=(BEQ)
Ewhen remotely connecting via TCP insecure connections
You set up Enterprise User Security (EUS) with a third-party LDAP-compliant directory.
Which two products can you use to integrate the EUS-enabled database with the LDAP directory? (Choose two.)
AOracle Virtual Directory
BOracle Internet Directory
COracle Database Vault
DOracle Directory Server
EOracle Key Vault
You must disable OS authentication for database administrative users on a RAC database.
Which option must you use to do this?
ASet REMOTE_OS_AUTHENT = FALSE in the init.ora file.
BRemove all OS users from OS groups: OSDBA, OSOPER, OSBACKUPDBA, OSDGDBA, OSKMDBA, OSASMADMIN, OSASMDBA.
CSet REMOTE_LOGIN_PASSWORDFILE = EXCLUSIVE in the init.ora file.
DSet SQLNET.AUTHENTICATION_SERVICES = (NONE) in sqlnet.ora on the database server.
You grant user BOB the SYSBACKUP administrative privilege.
BOB has connected as SYSBACKUP.
Which statement is true?
AUser BOB can connect to an instance even if the database is closed.
BUser BOB can grant the SYSBACKUP privilege to other users.
CUser BOB must use operating system authentication.
DUser BOB must always use the SYSBACKUP option to connect to the database instance.
Examine these commands that execute successfully:
Examine the execution plan generated for this query:
What must be done to allow the index to be used?
ACreate a SQL baseline to preserve the execution plan from before the encryption.
BEnable encryption hardware acceleration on the CPUs of the machine.
CAdd the first_name column to the ix_employee index to improve its selectivity.
DUse tablespace encryption instead of column encryption.
Database Vault is not used in your installation.
Why is a conventional secure application role more secure than a normal role?
AIt is in effect only when configured as a default role for the user.
BIt can be set only by users with the GRANT ANY ROLE privilege.
CIt requires a password to be set.
DIt can be set only by a package or procedure that is created with definer's rights.
EIt can be set only by a package or procedure associated with the role definition.
Examine the Real Application Security code and output:
Which two statements are true? (Choose two.)
AThe EMP_POLICY policy can be bypassed only by the SYS user.
BThe policy EMP_POLICY is inherited by any view created on the EMPLOYEES table.
CAny view created on the EMPLOYEES table can have a different policy.
DThe policy EMP_POLICY allows no rows to be deleted from the EMPLOYEES table.D. The security policy EMP_POLICY cannot be bypassed by the owner of the EMPLOYEES table.
EThe owner of the EMPLOYEES table can select all data from the table.
To enhance password security you must enforce the use of mixed-case passwords for open database accounts immediately.
Which two steps must be executed? (Choose two.)
AExpire all user passwords.
BConfigure user profiles with a limit for failed login attempts.
CConfigure user profiles with a limit for idle time.
DUnlock any user accounts that are currently locked.
EConfigure user profiles with a password verify function that verifies that passwords are mixed case.
You check the Risk Matrix of the latest Critical Patch Update (CPU).
One of the "Common Vulnerability and Exposure" reports (CVEs) has Base Score that is above 9 in the Risk Matrix.
Which one is not a supported method to address this CVE?
AUpgrade to a new Release.
BInstall a new Release Update Revision.
CImplement a workaround recommended by Oracle Support.
DInstall a new Release Update.
ERequest a one-off patch exception from Oracle Support.
As the security administrator, you are tasked to protect the hr_admin role with these requirements:
HR admin users must be working on-site defined by the workstation IP in the range 192.0.2.10 192.0.2.20.
HR admin users cannot be working outside of normal work hours (8 AM 5 PM.
You decide to create a secure application role.
Examine this code:
AIf the session duration of HR admin users exceeds the business hours, the hr_admin role will be disabled.
BYou must grant execute on the hr_admin_role_check procedure to HR admin users.
CWhen executing SET ROLE hr_admin, the hr_admin_role_check procedure will be invoked.
DYou must grant the hr_admin role to HR admin users.
EAUTHID CURRENT_USER is required so that invoker's rights are used.
Which three statements are true about Data Reduction? (Choose three.)
AOnly SYS user can be exempted from Data Redaction policies.
BIt can be implemented only for tables.
CCustom reaction can be implemented for LOBs.
DRandomly-generated values can be used to redact data in a column.
EA named policy expression can be used for columns of multiple tables.
FNull can be used to redact all of the sensitive data in a table column.
You issue this statement as user SYS:
audit context namespace kilimanjaro attributes a, b;
Which is true?
AThe statement will always succeed.
BThe statement will fail if an AUDIT CONTEXT with namespace kilimanjaro was issued previously.
CThe statement will only succeed if context kilimanjaro exists with both attributes a, b.
DThe statement will only succeed if context kilimanjaro exists.
EThe statement will only succeed if context kilimanjaro exists with at least one of the attributes a, b.
You must implement Fine Grained Access Control using procedure DBMS_RLS.ADD_POLICY whose predicate function returns an unspecified number of conditions.
The predicate may be affected by any system or session environment variable at any time.
Which value must be used for parameter POLICY_TYPE?
ADBMS_RLS.SHARED_STATIC
BDBMS_RLS.SHARED_CONTEXT_SENSITIVE
CDBMS_RLS.CONTEXT_SENSITIVE
DDBMS_RLS.DYNAMIC
EDBMS_RLS.STATIC
The database has Database Vault configured and enabled.
Database users have executed these commands with the appropriate roles.
Examine this command and output:
Why does this error occur?
AThe DSMITH user has no read and write permission on the DATA_PUMP_DIR directory.
BThe DSMITH user has no write permission on the DATA_PUMP_DIR directory.
CThe DV_OWNER role must be granted to the CRMMGR role.
DThe EXP_FULL_DATABASE role must be granted to the CRMMGR role.
